[sr-dev] git:master:8ed8d834: db_postgres: safety check of str buffer pointer before writing

Module: kamailio Branch: master Commit: 8ed8d8349dad1e2abd2ac026b4540e9a296c866b URL: https://github.com/kamailio/kamailio/commit/8ed8d8349dad1e2abd2ac026b4540e9… Author: Daniel-Constantin Mierla <miconda(a)gmail.com> Committer: Daniel-Constantin Mierla <miconda(a)gmail.com> Date: 2016-10-28T16:09:40+02:00 db_postgres: safety check of str buffer pointer before writing --- Modified: modules/db_postgres/pg_sql.c --- Diff: https://github.com/kamailio/kamailio/commit/8ed8d8349dad1e2abd2ac026b4540e9… Patch: https://github.com/kamailio/kamailio/commit/8ed8d8349dad1e2abd2ac026b4540e9… --- diff --git a/modules/db_postgres/pg_sql.c b/modules/db_postgres/pg_sql.c index 6f64cde..641773e 100644 --- a/modules/db_postgres/pg_sql.c +++ b/modules/db_postgres/pg_sql.c @@ -119,11 +119,11 @@ static inline int sb_add(struct string_buffer *sb, str *nstr) int rsize = sb->len + nstr->len; int asize; char *newp; - + if (rsize > sb->size) { asize = rsize - sb->size; - new_size = sb->size + (asize / sb->increment + - (asize % sb->increment > 0)) * sb->increment; + new_size = sb->size + (asize / sb->increment + + (asize % sb->increment > 0)) * sb->increment; newp = pkg_malloc(new_size); if (!newp) { ERR("postgres: No memory left\n"); @@ -136,8 +136,10 @@ static inline int sb_add(struct string_buffer *sb, str *nstr) sb->s = newp; sb->size = new_size; } - memcpy(sb->s + sb->len, nstr->s, nstr->len); - sb->len += nstr->len; + if(sb->s) { + memcpy(sb->s + sb->len, nstr->s, nstr->len); + sb->len += nstr->len; + } return 0; }